RubyGems - CloudyScripts - Versions diffs - 1.7.27 → 1.8.29 - Mend

CloudyScripts 1.7.27 → 1.8.29

Files changed (32) hide show

data/Rakefile +1 -1
data/lib/audit/benchmark_apache.zip +0 -0
data/lib/audit/benchmark_full.zip +0 -0
data/lib/audit/benchmark_ssh.zip +0 -0
data/lib/audit/checks/benchmark.group +0 -3
data/lib/audit/checks/benchmark.group.apache +3 -0
data/lib/audit/checks/benchmark.group.full +6 -0
data/lib/audit/checks/benchmark.group.ssh +3 -0
data/lib/audit/checks/benchmark.ssh.zip +0 -0
data/lib/audit/lib/audit.rb +7 -7
data/lib/audit/lib/benchmark/audit_benchmark.rb +5 -4
data/lib/audit/lib/benchmark/benchmark_factory.rb +1 -1
data/lib/audit/lib/benchmark/check.rb +2 -2
data/lib/audit/lib/benchmark/group.rb +2 -2
data/lib/audit/lib/benchmark/rule_result.rb +2 -2
data/lib/audit/lib/benchmark/yaml_benchmark.rb +6 -7
data/lib/audit/lib/connection/connection_factory.rb +2 -2
data/lib/audit/lib/connection/ssh_connection.rb +1 -1
data/lib/audit/lib/parser/command/attach_file_command.rb +5 -5
data/lib/audit/lib/parser/command/check_finished_command.rb +3 -3
data/lib/audit/lib/parser/command/cpe_name_command.rb +4 -4
data/lib/audit/lib/parser/command/data_command.rb +5 -5
data/lib/audit/lib/parser/command/listening_port_command.rb +2 -2
data/lib/audit/lib/parser/command/message_command.rb +4 -4
data/lib/audit/lib/parser/command/program_name_command.rb +4 -4
data/lib/audit/lib/parser/script_output_parser.rb +11 -11
data/lib/audit/lib/ssh_fingerprint.rb +2 -2
data/lib/audit/lib/transformers/web_view_transformer.rb +2 -2
data/lib/help/state_transition_helper.rb +60 -3
data/lib/scripts/ec2/audit_via_ssh.rb +150 -0
data/lib/scripts/ec2/ec2_script.rb +1 -1
metadata +176 -157

data/Rakefile CHANGED Viewed

@@ -12,7 +12,7 @@ require 'rake/testtask'
 spec = Gem::Specification.new do |s|
   s.name = 'CloudyScripts'
-  s.version = '1.7.27'
+  s.version = '1.8.29'
   s.has_rdoc = true
   s.extra_rdoc_files = ['README.rdoc', 'LICENSE']
   s.summary = 'Scripts to facilitate programming for infrastructure clouds.'

data/lib/audit/benchmark_apache.zip ADDED Viewed

Binary file

data/lib/audit/benchmark_full.zip ADDED Viewed

Binary file

data/lib/audit/benchmark_ssh.zip ADDED Viewed

Binary file

data/lib/audit/checks/benchmark.group CHANGED Viewed

@@ -1,6 +1,3 @@
 ID: BENCHMARK
 Children:
-   - APACHE2
    - SSH
-   - LYNIS_AUTH
-   - VARIOUS

data/lib/audit/checks/benchmark.group.apache ADDED Viewed

@@ -0,0 +1,3 @@
+ID: BENCHMARK
+Children:
+   - APACHE2

data/lib/audit/checks/benchmark.group.full ADDED Viewed

@@ -0,0 +1,6 @@
+ID: BENCHMARK
+Children:
+   - APACHE2
+   - SSH
+   - LYNIS_AUTH
+   - VARIOUS

data/lib/audit/checks/benchmark.group.ssh ADDED Viewed

@@ -0,0 +1,3 @@
+ID: BENCHMARK
+Children:
+   - SSH

data/lib/audit/checks/benchmark.ssh.zip ADDED Viewed

Binary file

data/lib/audit/lib/audit.rb CHANGED Viewed

@@ -1,12 +1,12 @@
 require 'logger'
-require 'connection/connection_factory'
-require 'benchmark/benchmark_factory'
-require 'linear_script_generator'
-require 'parser/script_output_parser'
-require 'util/random_string'
-require 'benchmark/benchmark_result'
-require 'lazy'
+require 'audit/lib/connection/connection_factory'
+require 'audit/lib/benchmark/benchmark_factory'
+require 'audit/lib/linear_script_generator'
+require 'audit/lib/parser/script_output_parser'
+require 'audit/lib/util/random_string'
+require 'audit/lib/benchmark/benchmark_result'
+require 'audit/lib/lazy'
 class Audit
 	attr_reader :benchmark

data/lib/audit/lib/benchmark/audit_benchmark.rb CHANGED Viewed

@@ -1,6 +1,7 @@
-require 'benchmark/check'
-require 'benchmark/item_exception'
-require 'lazy'
+require 'audit/lib/benchmark/check'
+require 'audit/lib/benchmark/item_exception'
+require 'audit/lib/lazy'
 class AuditBenchmark
 	attr_reader :item_repository
@@ -162,4 +163,4 @@ class AuditBenchmark
       :children => Lazy.new(Lazy.new(@children, :reject) {|x| !x.in_report?}, :map) {|child| Lazy.new(child, :to_hash)}
     }
   end
-end
+end

data/lib/audit/lib/benchmark/benchmark_factory.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'benchmark/yaml_benchmark'
+require 'audit/lib/benchmark/yaml_benchmark'
 class BenchmarkFactory
 	def initialize(options)

data/lib/audit/lib/benchmark/check.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'lazy'
+require 'audit/lib/lazy'
 class Check
 	attr_reader :id 				# The ID by which this check is referenced from other elements
@@ -31,4 +31,4 @@ class Check
   def in_report?()
     return true
   end
-end
+end

data/lib/audit/lib/benchmark/group.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'lazy'
+require 'audit/lib/lazy'
 class Group
@@ -27,4 +27,4 @@ class Group
   def in_report?()
     true
   end
-end
+end

data/lib/audit/lib/benchmark/rule_result.rb CHANGED Viewed

@@ -1,5 +1,5 @@
-require 'benchmark/result_code'
-require 'lazy'
+require 'audit/lib/benchmark/result_code'
+require 'audit/lib/lazy'
 class RuleResult
   attr_reader :rule

data/lib/audit/lib/benchmark/yaml_benchmark.rb CHANGED Viewed

@@ -2,12 +2,11 @@ require 'yaml'
 require 'logger'
 require 'zip/zip'
-require 'benchmark/group'
-require 'benchmark/item_exception'
-require 'benchmark/check'
-require 'benchmark/audit_benchmark'
-require 'benchmark/automatic_dependencies'
+require 'audit/lib/benchmark/group'
+require 'audit/lib/benchmark/item_exception'
+require 'audit/lib/benchmark/check'
+require 'audit/lib/benchmark/audit_benchmark'
+require 'audit/lib/benchmark/automatic_dependencies'
 class YamlBenchmark < AuditBenchmark
@@ -130,4 +129,4 @@ class YamlBenchmark < AuditBenchmark
     raise ItemNotFoundException.new(id), "Item #{id} not found" if @item_repository[id].nil?
     return @item_repository[id]
   end
-end
+end

data/lib/audit/lib/connection/connection_factory.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'connection/ssh_connection'
+require 'audit/lib/connection/ssh_connection'
 class ConnectionFactory
@@ -24,4 +24,4 @@ class ConnectionFactory
 		end
 	end
 end

data/lib/audit/lib/connection/ssh_connection.rb CHANGED Viewed

@@ -26,7 +26,7 @@ class SshConnection
 		end
 		@@logger.info("opening ssh connection with parameters: " + @parameters.to_s)
 		parameters = @parameters.clone()
 		host = @parameters[:host]
 		user = @parameters[:user]

data/lib/audit/lib/parser/command/attach_file_command.rb CHANGED Viewed

@@ -1,7 +1,7 @@
-require 'parser/command/abstract_command_result'
-require 'parser/command/abstract_command'
-require 'parser/parse_exception'
-require 'parser/result_type'
+require 'audit/lib/parser/command/abstract_command_result'
+require 'audit/lib/parser/command/abstract_command'
+require 'audit/lib/parser/parse_exception'
+require 'audit/lib/parser/result_type'
 class AttachFileCommandResult < AbstractCommandResult
   attr_reader :file
@@ -60,4 +60,4 @@ class AttachFileCommand < AbstractCommand
   def result()
     return AttachFileCommandResult.new(@check, @severity, @message, @local_path)
   end
-end
+end

data/lib/audit/lib/parser/command/check_finished_command.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # To change this template, choose Tools | Templates
 # and open the template in the editor.
-require 'parser/command/abstract_command_result'
-require 'parser/command/abstract_command'
-require 'parser/result_type'
+require 'audit/lib/parser/command/abstract_command_result'
+require 'audit/lib/parser/command/abstract_command'
+require 'audit/lib/parser/result_type'
 class CheckFinishedCommandResult < AbstractCommandResult
   attr_reader :exit_code

data/lib/audit/lib/parser/command/cpe_name_command.rb CHANGED Viewed

@@ -1,6 +1,6 @@
-require 'parser/command/abstract_command'
-require 'parser/command/abstract_command_result'
-require 'parser/result_type'
+require 'audit/lib/parser/command/abstract_command'
+require 'audit/lib/parser/command/abstract_command_result'
+require 'audit/lib/parser/result_type'
 class CpeNameCommandResult < AbstractCommandResult
   def initialize(check, severity, message, cpe_name)
@@ -34,4 +34,4 @@ class CpeNameCommand < AbstractCommand
   def result()
     return CpeNameCommandResult.new(@check, @severity, @message, @cpe_name)
   end
-end
+end

data/lib/audit/lib/parser/command/data_command.rb CHANGED Viewed

@@ -1,7 +1,7 @@
-require 'parser/command/abstract_command'
-require 'parser/command/abstract_command_result'
-require 'parser/result_type'
-require 'parser/parse_exception'
+require 'audit/lib/parser/command/abstract_command'
+require 'audit/lib/parser/command/abstract_command_result'
+require 'audit/lib/parser/result_type'
+require 'audit/lib/parser/parse_exception'
 class DataCommandResult < AbstractCommandResult
   attr_reader :key
@@ -40,4 +40,4 @@ class DataCommand < AbstractCommand
   def result()
     return DataCommandResult.new(@check, @severity, @key, @value)
   end
-end
+end

data/lib/audit/lib/parser/command/listening_port_command.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # To change this template, choose Tools | Templates
 # and open the template in the editor.
-require 'parser/command/abstract_command'
-require 'parser/command/abstract_command_result'
+require 'audit/lib/parser/command/abstract_command'
+require 'audit/lib/parser/command/abstract_command_result'
 class ListeningPortCommandResult < AbstractCommandResult

data/lib/audit/lib/parser/command/message_command.rb CHANGED Viewed

@@ -1,6 +1,6 @@
-require 'parser/command/abstract_command'
-require 'parser/command/abstract_command_result'
-require 'parser/result_type'
+require 'audit/lib/parser/command/abstract_command'
+require 'audit/lib/parser/command/abstract_command_result'
+require 'audit/lib/parser/result_type'
 class MessageCommandResult < AbstractCommandResult
   def initialize(check, severity, message)
@@ -18,4 +18,4 @@ class MessageCommand < AbstractCommand
   def result()
     return MessageCommandResult.new(@check, @severity, @message)
   end
-end
+end

data/lib/audit/lib/parser/command/program_name_command.rb CHANGED Viewed

@@ -1,6 +1,6 @@
-require 'parser/command/abstract_command'
-require 'parser/command/abstract_command_result'
-require 'parser/result_type'
+require 'audit/lib/parser/command/abstract_command'
+require 'audit/lib/parser/command/abstract_command_result'
+require 'audit/lib/parser/result_type'
 class ProgramNameCommandResult < AbstractCommandResult
   attr_reader :program_name
@@ -39,4 +39,4 @@ class ProgramNameCommand < AbstractCommand
   def result()
     return ProgramNameCommandResult.new(@check, @severity, @message, @name, @version)
   end
-end
+end

data/lib/audit/lib/parser/script_output_parser.rb CHANGED Viewed

@@ -1,16 +1,16 @@
 require 'logger'
-require 'parser/command/program_name_command'
-require 'parser/command/cpe_name_command'
-require 'parser/command/attach_file_command'
-require 'parser/command/message_command'
-require 'parser/command/check_finished_command'
-require 'parser/command/listening_port_command'
-require 'parser/command/data_command'
-require 'parser/parse_exception'
-require 'benchmark/rule_severity'
-require 'parser/stdout_line_buffer'
-require 'benchmark/rule_result'
+require 'audit/lib/parser/command/program_name_command'
+require 'audit/lib/parser/command/cpe_name_command'
+require 'audit/lib/parser/command/attach_file_command'
+require 'audit/lib/parser/command/message_command'
+require 'audit/lib/parser/command/check_finished_command'
+require 'audit/lib/parser/command/listening_port_command'
+require 'audit/lib/parser/command/data_command'
+require 'audit/lib/parser/parse_exception'
+require 'audit/lib/benchmark/rule_severity'
+require 'audit/lib/parser/stdout_line_buffer'
+require 'audit/lib/benchmark/rule_result'
 # This class parses the output generated by a sh script.
 # Each output line is expected to start with the marker LINE_START

data/lib/audit/lib/ssh_fingerprint.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
 require 'rexml/document'
-require 'util/random_string'
+require 'audit/lib/util/random_string'
 require 'fileutils'
 require 'socket'
 require 'timeout'
@@ -217,4 +217,4 @@ module SSH_FINGERPRINT
 			:algorithms => get_algorithms(host, port),
 			:version1 => version1_supported?(host, port)}
 	end
-end
+end

data/lib/audit/lib/transformers/web_view_transformer.rb CHANGED Viewed

@@ -3,8 +3,8 @@
 # icons taken from http://www.famfamfam.com/lab/icons/silk/
-require 'benchmark/audit_benchmark'
-require 'parser/result_type'
+require 'audit/lib/benchmark/audit_benchmark'
+require 'audit/lib/parser/result_type'
 require 'logger'
 class WebViewTransformer

data/lib/help/state_transition_helper.rb CHANGED Viewed

@@ -96,6 +96,7 @@ module StateTransitionHelper
   # * ami_id => ID of the AMI to be launched
   # * key_name => name of the key to access the instance
   # * security_group_name => name of the security group to be used
+  # * type => type of instance to start
   # Returned information:
   # * instance_id => ID of the started instance
   # * dns_name => DNS name of the started instance
@@ -103,7 +104,7 @@ module StateTransitionHelper
   # * kernel_id => EC2 Kernel ID of the started instance
   # * ramdisk_id => EC2 Ramdisk ID of the started instance
   # * architecture => architecture (e.g. 386i, 64x) of the started instance
-  def launch_instance(ami_id, key_name, security_group_name, ec2_handler = nil)
+  def launch_instance(ami_id, key_name, security_group_name, ec2_handler = nil, type = nil)
     ec2_handler = ec2_handler() if ec2_handler == nil
     post_message("starting up instance to execute the script (AMI = #{ami_id}) ...")
     @logger.debug "start up AMI #{ami_id}"
@@ -114,6 +115,7 @@ module StateTransitionHelper
     if architecture != "i386"
       instance_type = "m1.large"
     end
+    instance_type = type if type != nil
     arch_log_msg = "Architecture of image #{ami_id} is #{architecture}. Use instance_type #{instance_type}."
     @logger.info arch_log_msg
     post_message(arch_log_msg)
@@ -150,6 +152,59 @@ module StateTransitionHelper
     return instance_id, dns_name, availability_zone, kernel_id, ramdisk_id, architecture
   end
+  # Start an instance
+  # Input Paramters:
+  # * instance_id => ID of the instance to start
+  # * timeout => a timeout for waiting instance to start to avoid infinite loop (default set to 4m)
+  # Return Parameters (Array):
+  # * instance_id
+  # * public_dns_name
+  def start_instance(instance_id, timeout = 240)
+    dns_name = ""
+    post_message("going to start instance '#{instance_id}'...")
+    res = ec2_handler().describe_instances(:instance_id => instance_id)
+    state = res['reservationSet']['item'][0]['instancesSet']['item'][0]['instanceState']
+    if state['code'].to_i == 16
+      dns_name = res['reservationSet']['item'][0]['instancesSet']['item'][0]['dnsName']
+      msg = "instance '#{instance_id}' already started"
+      @logger.warn "#{msg}"
+      post_message("#{msg}")
+      done = true
+    else
+      @logger.debug "start instance #{instance_id}"
+      ec2_handler().start_instances(:instance_id => instance_id)
+    end
+      while timeout > 0 && !done
+      res = ec2_handler().describe_instances(:instance_id => instance_id)
+      state = res['reservationSet']['item'][0]['instancesSet']['item'][0]['instanceState']
+      @logger.debug "instance in state '#{state['name']}' (#{state['code']})"
+      if state['code'].to_i == 16
+        done = true
+        timeout = 0
+        dns_name = res['reservationSet']['item'][0]['instancesSet']['item'][0]['dnsName']
+      elsif state['code'].to_i != 0
+        done = false
+        timeout = 0
+        msg = "instance in state '#{state['name']}'"
+        @logger.error "#{msg}"
+        post_message("#{msg}")
+      end
+      sleep(5)
+      timeout -= 5
+    end
+    msg = ""
+    if !done
+      msg = "Failed to start instance '#{instance_id}"
+      @logger.error "#{msg}"
+      raise Exception.new("Unable to start instance '#{instance_id}'}")
+    else
+      msg = "'#{instance_id}' successfully started"
+      @logger.info "#{msg}"
+    end
+    post_message("#{msg}")
+    return instance_id, dns_name
+  end
   # Shuts down an instance.
   # Input Parameters:
   # * instance_id => ID of the instance to be shut down
@@ -270,11 +325,12 @@ module StateTransitionHelper
     msg = ""
     if !done
       msg = "Failed to attach volume '#{volume_id}' to instance '#{instance_id}"
+      @logger.error "#{msg}"
       raise Exception.new("volume #{mount_point} not attached")
     else
       msg = "volume #{volume_id} successfully attached"
+      @logger.info "#{msg}"
     end
-    @logger.error "#{msg}"
     post_message("#{msg}")
   end
@@ -304,11 +360,12 @@ module StateTransitionHelper
     msg = ""
     if !done
       msg = "Failed to detach volume '#{volume_id}' from instance '#{instance_id}"
+      @logger.error "#{msg}"
       raise Exception.new("volume #{mount_point} not detached")
     else
       msg = "volume #{volume_id} successfully detached"
+      @logger.info "#{msg}"
     end
-    @logger.error "#{msg}"
     post_message("#{msg}")
   end

data/lib/scripts/ec2/audit_via_ssh.rb ADDED Viewed

@@ -0,0 +1,150 @@
+require "help/script_execution_state"
+require "scripts/ec2/ec2_script"
+require "help/remote_command_handler"
+require "help/ec2_helper"
+require "audit/lib/audit"
+require "AWS"
+require 'pp'
+# Audit an AMI or an instance via an SSH connection using a specific benchmark
+#
+class AuditViaSsh < Ec2Script
+  # Input parameters
+  # * ec2_api_handler => object that allows to access the EC2 API
+  # * ami_id => the ID of the AMI to be copied in another region
+  # * ssh_username => The username for ssh for source-instance (default = root)
+  # * key_name => Key name of the instance that manages the snaphot-volume in the source region
+  # * ssh_key_data => Key information for the security group that starts the AMI [if not set, use ssh_key_files]
+  def initialize(input_params)
+    super(input_params)
+  end
+  def check_input_parameters()
+    if @input_params[:ami_id] == nil && @input_params[:instance_id] == nil
+      raise Exception.new("No Instance ID or AMI ID specified")
+    end
+    if @input_params[:ami_id] != nil && !(@input_params[:ami_id] =~ /^ami-.*$/)
+      raise Exception.new("Invalid AMI ID specified")
+    end
+    if @input_params[:instance_id] != nil && !(@input_params[:instance_id] =~ /^i-.*$/)
+      raise Exception.new("Invalid Instance ID specified")
+    end
+    if @input_params[:sec_grp_name] == nil
+      @input_params[:sec_grp_name] = "default"
+    end
+    if @input_params[:audit_type] != nil && @input_params[:audit_type].casecmp("SSH")
+      @input_params[:benchmark_file] = "./lib/audit/benchmark_ssh.zip"
+    elsif @input_params[:audit_type] != nil && @input_params[:audit_type].casecmp("APACHE")
+      @input_params[:benchmark_file] = "./lib/audit/benchmark_apache.zip"
+    else
+      raise Exception.new("Invalid Audit '#{@input_params[:audit_type]}' specified")
+    end
+    ec2_helper = Ec2Helper.new(@input_params[:ec2_api_handler])
+    if !ec2_helper.check_open_port(@input_params[:sec_grp_name], 22)
+      raise Exception.new("Port 22 must be opened for security group 'default' to connect via SSH")
+    end
+  end
+  def load_initial_state()
+    AuditViaSshState.load_state(@input_params)
+  end
+  private
+  # Here begins the state machine implementation
+  class AuditViaSshState < ScriptExecutionState
+    def self.load_state(context)
+      state = context[:initial_state] == nil ? InitialState.new(context) : context[:initial_state]
+      state
+    end
+  end
+  # Start an instance and wait for it to be UP and running
+  # Create a temporary directory
+  class InitialState < AuditViaSshState
+    def enter
+      instances_info = []
+      tmp_dir = ""
+      if @context[:ami_id] != nil
+        instance_infos = launch_instance(@context[:ami_id], @context[:ssh_key_name], @context[:sec_grp_name], nil, "t1.micro")
+        tmp_dir = "/tmp/#{@context[:ami_id]}-#{Time.now().to_i}"
+      elsif @context[:instance_id] != nil
+        instance_infos = start_instance(@context[:instance_id])
+        tmp_dir = "/tmp/#{@context[:instance_id]}-#{Time.now().to_i}"
+      else
+        raise Exception.new("No Instance ID or AMI ID specified (should have been catched earlier)")
+      end
+      @context[:instance_id] = instance_infos[0]
+      @context[:public_dns_name] = instance_infos[1]
+      @context[:tmp_dir] = tmp_dir
+      #puts "DEBUG: Audit Scripts"
+      #pp @context
+      Dir::mkdir(tmp_dir)
+      if FileTest::directory?(tmp_dir)
+        post_message("local temporary directory created")
+      end
+      LaunchAuditViaSsh.new(@context)
+    end
+  end
+  # Launch the audit via SSH
+  class LaunchAuditViaSsh < AuditViaSshState
+    def enter
+      audit = Audit.new(:benchmark => @context[:benchmark_file], :attachment_dir => @context[:tmp_dir],
+                        :connection_type => :ssh,
+                        :connection_params => {:user => @context[:ssh_user],
+                                               :keys => @context[:ssh_key_file],
+                                               :host => @context[:public_dns_name],
+                                               :paranoid => false},
+                                               :logger => nil)
+      audit.start(false)
+      @context[:result][:audit_test] = []
+      audit.results.each() {|key, value|
+        if key =~ /^SSH_.*$/ || key =~ /^APACHE2_.*$/
+          #puts "DEBUG: Key: #{key}, Result: #{value.result}, Desc: #{value.rule.description}"
+          @context[:result][:audit_test] << {:name => key, :desc => value.rule.description, :status => value.result}
+          post_message("== > Test #{key}: Status: #{value.result.eql?("pass") ? "OK" : "NOK"}\n  Desc: #{value.rule.description}")
+        end
+      }
+      CleanUpAuditViaSsh.new(@context)
+    end
+  end
+  # Terminate an instance
+  class CleanUpAuditViaSsh < AuditViaSshState
+    def enter
+      if @context[:ami_id] != nil
+        shut_down_instance(@context[:instance_id])
+      elsif @context[:instance_id] != nil
+        #TODO: stop the instance only if you have started it
+        #stop_instance(@context[:instance_id])
+      else
+        raise Exception.new("No Instance ID or AMI ID specified (should have been catched earlier)")
+      end
+      AnalyseAuditViaSsh.new(@context)
+    end
+  end
+  # Analyse audit via SSH results
+  class AnalyseAuditViaSsh < AuditViaSshState
+    def enter
+      Done.new(@context)
+    end
+  end
+  # Script done.
+  class Done < AuditViaSshState
+    def done?
+      true
+    end
+  end
+end

data/lib/scripts/ec2/ec2_script.rb CHANGED Viewed

@@ -12,7 +12,7 @@ class Ec2Script
     @progress_message_listeners = []
     if input_params[:logger] == nil
       @logger = Logger.new(STDOUT)
-      @logger .level = Logger::WARN
+      @logger.level = Logger::WARN
       input_params[:logger] = @logger
     else
       @logger = input_params[:logger]

metadata CHANGED Viewed

@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: CloudyScripts
 version: !ruby/object:Gem::Version
+  hash: 13
   prerelease: false
   segments:
   - 1
-  - 7
-  - 27
-  version: 1.7.27
+  - 8
+  - 29
+  version: 1.8.29
 platform: ruby
 authors:
 - Matthias Jung
@@ -14,16 +15,18 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-07-04 00:00:00 +02:00
+date: 2011-07-07 00:00:00 +00:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
   name: amazon-ec2
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 3
         segments:
         - 0
         version: "0"
@@ -33,9 +36,11 @@ dependencies:
   name: net-ssh
   prerelease: false
   requirement: &id002 !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 3
         segments:
         - 0
         version: "0"
@@ -45,9 +50,11 @@ dependencies:
   name: net-scp
   prerelease: false
   requirement: &id003 !ruby/object:Gem::Requirement
+    none: false
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 3
         segments:
         - 0
         version: "0"
@@ -66,191 +73,199 @@ files:
 - LICENSE
 - README.rdoc
 - Rakefile
-- lib/audit/checks/APACHE2.group
-- lib/audit/checks/APACHE2_CONFIG_01.check
-- lib/audit/checks/APACHE2_CONFIG_02.check
-- lib/audit/checks/APACHE2_CONFIG_03.check
 - lib/audit/checks/APACHE2_CONFIG_04.check
-- lib/audit/checks/APACHE2_CONFIG_05.check
-- lib/audit/checks/APACHE2_CONFIG_06.check
-- lib/audit/checks/APACHE2_INIT_1.check
-- lib/audit/checks/APACHE2_INIT_2.check
-- lib/audit/checks/APACHE2_INIT_3.check
-- lib/audit/checks/APACHE2_USER_7.check
-- lib/audit/checks/BACKUP_HOME_DOTFILES.check
+- lib/audit/checks/LYNIS_AUTH.group
+- lib/audit/checks/LOGGED_USERS.check
+- lib/audit/checks/HAS_FILE_DOWNLOADER.check
+- lib/audit/checks/MYSQL_HISTORY_1.check
+- lib/audit/checks/DISTRIBUTION_FACTS.check
+- lib/audit/checks/HAS_ID.check
+- lib/audit/checks/MAYBE_HAS_TAR.check
+- lib/audit/checks/FIND_SHADOW_FILE.check
+- lib/audit/checks/HAS_UNAME.check
+- lib/audit/checks/HAS_LSB_RELEASE.check
+- lib/audit/checks/MYSQL_INIT_3.check
+- lib/audit/checks/VARIOUS.group
 - lib/audit/checks/BACKUP_LOG.check
-- lib/audit/checks/BACKUP_MAIL.check
-- lib/audit/checks/BACKUP_WEB.check
+- lib/audit/checks/PLATFORM_FACTS.check
+- lib/audit/checks/script_header.template
+- lib/audit/checks/SSH_CONFIG_03.check
+- lib/audit/checks/benchmark.group.ssh
 - lib/audit/checks/benchmark.group
-- lib/audit/checks/CONFIGURATION_BACKUP.check
-- lib/audit/checks/DIRECTORY_LISTING.check
-- lib/audit/checks/DISTRIBUTION_FACTS.check
-- lib/audit/checks/DMESG_OUTPUT.check
-- lib/audit/checks/FIND_GROUP_FILE.check
+- lib/audit/checks/LYNIS_AUTH_9208.check
+- lib/audit/checks/SSH_CONFIG_10.check
 - lib/audit/checks/FIND_PASSWD_FILE.check
-- lib/audit/checks/FIND_SHADOW_FILE.check
-- lib/audit/checks/FIND_SUDOERS_FILE.check
-- lib/audit/checks/footer.template
-- lib/audit/checks/FREE_SPACE.check
-- lib/audit/checks/HAS_AWK.check
-- lib/audit/checks/HAS_BASE.check
+- lib/audit/checks/LYNIS_AUTH_9204.check
+- lib/audit/checks/SSH_CONFIG_09.check
+- lib/audit/checks/MYSQL_INIT_2.check
+- lib/audit/checks/HAS_GROUPS.check
+- lib/audit/checks/LOADED_MODULES.check
 - lib/audit/checks/HAS_CAT.check
-- lib/audit/checks/HAS_COMPRESSOR.check
-- lib/audit/checks/HAS_CUT.check
+- lib/audit/checks/HAS_SUPERUSER.check
+- lib/audit/checks/SLOW.group
+- lib/audit/checks/SSH_CONFIG_04.check
+- lib/audit/checks/benchmark.group.full
+- lib/audit/checks/LYNIS_AUTH_9226.check
+- lib/audit/checks/APACHE2_CONFIG_01.check
+- lib/audit/checks/MAYBE_HAS_UNAME.check
 - lib/audit/checks/HAS_DF.check
-- lib/audit/checks/HAS_DPKG.check
-- lib/audit/checks/HAS_FILE_DOWNLOADER.check
+- lib/audit/checks/HAS_UNIQ.check
+- lib/audit/checks/APACHE2_INIT_1.check
+- lib/audit/checks/APACHE2_INIT_2.check
+- lib/audit/checks/USERS_INIT_2.check
+- lib/audit/checks/PORTS_OPEN_NETSTAT.check
+- lib/audit/checks/LIST_ROUTES.check
+- lib/audit/checks/SSH_CONFIG_06.check
+- lib/audit/checks/SSH_INIT_1.check
+- lib/audit/checks/SLOW_1.check
+- lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check
+- lib/audit/checks/APACHE2_CONFIG_05.check
 - lib/audit/checks/HAS_FIND.check
-- lib/audit/checks/HAS_GREP.check
-- lib/audit/checks/HAS_GROUPCHECK.check
-- lib/audit/checks/HAS_GROUPS.check
-- lib/audit/checks/HAS_HOSTNAME.check
-- lib/audit/checks/HAS_ID.check
-- lib/audit/checks/HAS_LSB_RELEASE.check
-- lib/audit/checks/HAS_MOUNT.check
+- lib/audit/checks/LASTLOG.check
+- lib/audit/checks/HAS_WHO.check
+- lib/audit/checks/USERS_INIT_5.check
+- lib/audit/checks/HAS_TAIL.check
+- lib/audit/checks/header.template
 - lib/audit/checks/HAS_NETSTAT.check
-- lib/audit/checks/HAS_PASSWD_CHECK.check
-- lib/audit/checks/HAS_PS.check
+- lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check
 - lib/audit/checks/HAS_ROUTE.check
-- lib/audit/checks/HAS_SH.check
+- lib/audit/checks/PASSWORD_INFORMATION.check
+- lib/audit/checks/FIND_SUDOERS_FILE.check
+- lib/audit/checks/APACHE2_CONFIG_06.check
+- lib/audit/checks/USERS_INIT_1.check
+- lib/audit/checks/LYNIS_AUTH_9222.check
+- lib/audit/checks/BACKUP_MAIL.check
+- lib/audit/checks/BACKUP_WEB.check
+- lib/audit/checks/HAS_COMPRESSOR.check
+- lib/audit/checks/HAS_TAR.check
+- lib/audit/checks/benchmark.ssh.zip
+- lib/audit/checks/HAS_CUT.check
+- lib/audit/checks/SLOW_3.check
+- lib/audit/checks/APACHE2_INIT_3.check
+- lib/audit/checks/SSH_INIT_2.check
+- lib/audit/checks/SSH_CONFIG_01.check
+- lib/audit/checks/benchmark.group.apache
+- lib/audit/checks/HAS_PASSWD_CHECK.check
+- lib/audit/checks/USER_INFORMATION.check
+- lib/audit/checks/SSH_CONFIG_11.check
+- lib/audit/checks/HAS_DPKG.check
 - lib/audit/checks/HAS_SORT.check
+- lib/audit/checks/MAYBE_HAS_WGET.check
+- lib/audit/checks/APACHE2.group
+- lib/audit/checks/APACHE2_USER_7.check
+- lib/audit/checks/SSH_CONFIG_08.check
+- lib/audit/checks/SSH_CONFIG_07.check
+- lib/audit/checks/SSH_CONFIG_02.check
+- lib/audit/checks/LYNIS_AUTH_9228.check
+- lib/audit/checks/FIND_GROUP_FILE.check
+- lib/audit/checks/USERS_INIT_3.check
+- lib/audit/checks/HAS_YUM.check
+- lib/audit/checks/MAYBE_HAS_ID.check
+- lib/audit/checks/SLOW_2.check
+- lib/audit/checks/HAS_MOUNT.check
+- lib/audit/checks/HAS_AWK.check
+- lib/audit/checks/MOUNTED_DEVICES.check
+- lib/audit/checks/MAYBE_HAS_HOSTNAME.check
+- lib/audit/checks/SSH_CONFIG_05.check
+- lib/audit/checks/HAS_BASE.check
+- lib/audit/checks/HAS_GREP.check
+- lib/audit/checks/SSH_KEYS_1.check
+- lib/audit/checks/MAYBE_HAS_DU.check
+- lib/audit/checks/PACKAGES_INSTALLED_YUM.check
 - lib/audit/checks/HAS_STAT.check
-- lib/audit/checks/HAS_SUPERUSER.check
-- lib/audit/checks/HAS_TAIL.check
-- lib/audit/checks/HAS_TAR.check
 - lib/audit/checks/HAS_TR.check
-- lib/audit/checks/HAS_UNAME.check
-- lib/audit/checks/HAS_UNIQ.check
-- lib/audit/checks/HAS_WC.check
-- lib/audit/checks/HAS_WHO.check
-- lib/audit/checks/HAS_YUM.check
-- lib/audit/checks/header.template
-- lib/audit/checks/helpers/head.sh
-- lib/audit/checks/LASTLOG.check
-- lib/audit/checks/LIST_ROUTES.check
-- lib/audit/checks/LIST_USER_ACCOUNTS.check
-- lib/audit/checks/LOADED_MODULES.check
-- lib/audit/checks/LOCAL_NMAP.check
-- lib/audit/checks/LOGGED_USERS.check
-- lib/audit/checks/LYNIS_AUTH.group
-- lib/audit/checks/LYNIS_AUTH_9204.check
-- lib/audit/checks/LYNIS_AUTH_9208.check
-- lib/audit/checks/LYNIS_AUTH_9216.check
-- lib/audit/checks/LYNIS_AUTH_9222.check
-- lib/audit/checks/LYNIS_AUTH_9226.check
-- lib/audit/checks/LYNIS_AUTH_9228.check
+- lib/audit/checks/HAS_PS.check
 - lib/audit/checks/LYNIS_AUTH_9252.check
-- lib/audit/checks/MAYBE_HAS_BZIP2.check
-- lib/audit/checks/MAYBE_HAS_CURL.check
-- lib/audit/checks/MAYBE_HAS_DU.check
-- lib/audit/checks/MAYBE_HAS_HOSTNAME.check
-- lib/audit/checks/MAYBE_HAS_ID.check
-- lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check
+- lib/audit/checks/CONFIGURATION_BACKUP.check
+- lib/audit/checks/HAS_SH.check
+- lib/audit/checks/HAS_GROUPCHECK.check
+- lib/audit/checks/LOCAL_NMAP.check
+- lib/audit/checks/APACHE2_CONFIG_02.check
+- lib/audit/checks/footer.template
+- lib/audit/checks/DIRECTORY_LISTING.check
+- lib/audit/checks/FREE_SPACE.check
+- lib/audit/checks/LIST_USER_ACCOUNTS.check
+- lib/audit/checks/APACHE2_CONFIG_03.check
 - lib/audit/checks/MAYBE_HAS_SUPERUSER.check
-- lib/audit/checks/MAYBE_HAS_TAR.check
-- lib/audit/checks/MAYBE_HAS_UNAME.check
-- lib/audit/checks/MAYBE_HAS_WGET.check
-- lib/audit/checks/MOUNTED_DEVICES.check
-- lib/audit/checks/MYSQL_HISTORY_1.check
+- lib/audit/checks/MAYBE_HAS_CURL.check
+- lib/audit/checks/DMESG_OUTPUT.check
+- lib/audit/checks/HAS_WC.check
 - lib/audit/checks/MYSQL_INIT_1.check
-- lib/audit/checks/MYSQL_INIT_2.check
-- lib/audit/checks/MYSQL_INIT_3.check
-- lib/audit/checks/PACKAGES_INSTALLED_DPKG.check
-- lib/audit/checks/PACKAGES_INSTALLED_YUM.check
-- lib/audit/checks/PASSWORD_INFORMATION.check
-- lib/audit/checks/PLATFORM_FACTS.check
-- lib/audit/checks/PORTS_OPEN_NETSTAT.check
 - lib/audit/checks/PROCESS_LIST.check
-- lib/audit/checks/script_header.template
-- lib/audit/checks/SLOW.group
-- lib/audit/checks/SLOW_1.check
-- lib/audit/checks/SLOW_2.check
-- lib/audit/checks/SLOW_3.check
-- lib/audit/checks/SSH.group
-- lib/audit/checks/SSH_CONFIG_01.check
-- lib/audit/checks/SSH_CONFIG_02.check
-- lib/audit/checks/SSH_CONFIG_03.check
-- lib/audit/checks/SSH_CONFIG_04.check
-- lib/audit/checks/SSH_CONFIG_05.check
-- lib/audit/checks/SSH_CONFIG_06.check
-- lib/audit/checks/SSH_CONFIG_07.check
-- lib/audit/checks/SSH_CONFIG_08.check
-- lib/audit/checks/SSH_CONFIG_09.check
-- lib/audit/checks/SSH_CONFIG_10.check
-- lib/audit/checks/SSH_CONFIG_11.check
-- lib/audit/checks/SSH_INIT_1.check
-- lib/audit/checks/SSH_INIT_2.check
-- lib/audit/checks/SSH_KEYS_1.check
-- lib/audit/checks/USER_INFORMATION.check
-- lib/audit/checks/USERS_INIT_1.check
-- lib/audit/checks/USERS_INIT_2.check
-- lib/audit/checks/USERS_INIT_3.check
+- lib/audit/checks/helpers/head.sh
 - lib/audit/checks/USERS_INIT_4.check
-- lib/audit/checks/USERS_INIT_5.check
-- lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check
-- lib/audit/checks/VARIOUS.group
-- lib/audit/create_benchmark.sh
-- lib/audit/lib/audit.rb
+- lib/audit/checks/BACKUP_HOME_DOTFILES.check
+- lib/audit/checks/PACKAGES_INSTALLED_DPKG.check
+- lib/audit/checks/HAS_HOSTNAME.check
+- lib/audit/checks/MAYBE_HAS_BZIP2.check
+- lib/audit/checks/SSH.group
+- lib/audit/checks/LYNIS_AUTH_9216.check
+- lib/audit/benchmark_apache.zip
+- lib/audit/lib/ssh_utils.rb
+- lib/audit/lib/http_fingerprint.rb
+- lib/audit/lib/ssh_fingerprint2.rb
+- lib/audit/lib/nessus_utils.rb
+- lib/audit/lib/my_option_parser.rb
+- lib/audit/lib/util/random_string.rb
+- lib/audit/lib/main.rb
 - lib/audit/lib/audit_facade.rb
+- lib/audit/lib/benchmark/check.rb
+- lib/audit/lib/benchmark/rule_result.rb
+- lib/audit/lib/benchmark/rule_severity.rb
+- lib/audit/lib/benchmark/item_exception.rb
+- lib/audit/lib/benchmark/result_code.rb
 - lib/audit/lib/benchmark/audit_benchmark.rb
-- lib/audit/lib/benchmark/automatic_dependencies.rb
+- lib/audit/lib/benchmark/yaml_benchmark.rb
 - lib/audit/lib/benchmark/benchmark_factory.rb
 - lib/audit/lib/benchmark/benchmark_result.rb
-- lib/audit/lib/benchmark/check.rb
+- lib/audit/lib/benchmark/automatic_dependencies.rb
 - lib/audit/lib/benchmark/group.rb
-- lib/audit/lib/benchmark/item_exception.rb
-- lib/audit/lib/benchmark/result_code.rb
-- lib/audit/lib/benchmark/rule_result.rb
 - lib/audit/lib/benchmark/rule_role.rb
-- lib/audit/lib/benchmark/rule_severity.rb
-- lib/audit/lib/benchmark/yaml_benchmark.rb
-- lib/audit/lib/connection/ami_connection.rb
-- lib/audit/lib/connection/connection_factory.rb
-- lib/audit/lib/connection/ssh_connection.rb
-- lib/audit/lib/ec2_utils.rb
-- lib/audit/lib/http_fingerprint.rb
-- lib/audit/lib/lazy.rb
-- lib/audit/lib/linear_script_generator.rb
-- lib/audit/lib/main.rb
-- lib/audit/lib/my_option_parser.rb
+- lib/audit/lib/transformers/web_view_transformer.rb
+- lib/audit/lib/transformers/yaml_transformer.rb
+- lib/audit/lib/audit.rb
 - lib/audit/lib/nessus_new.rb
-- lib/audit/lib/nessus_utils.rb
-- lib/audit/lib/parser/command/abstract_command.rb
-- lib/audit/lib/parser/command/abstract_command_result.rb
-- lib/audit/lib/parser/command/attach_file_command.rb
-- lib/audit/lib/parser/command/check_finished_command.rb
-- lib/audit/lib/parser/command/cpe_name_command.rb
-- lib/audit/lib/parser/command/data_command.rb
+- lib/audit/lib/linear_script_generator.rb
+- lib/audit/lib/parser/result_type.rb
+- lib/audit/lib/parser/parse_exception.rb
+- lib/audit/lib/parser/stdout_line_buffer.rb
+- lib/audit/lib/parser/script_output_parser.rb
 - lib/audit/lib/parser/command/listening_port_command.rb
+- lib/audit/lib/parser/command/check_finished_command.rb
 - lib/audit/lib/parser/command/message_command.rb
+- lib/audit/lib/parser/command/data_command.rb
+- lib/audit/lib/parser/command/cpe_name_command.rb
+- lib/audit/lib/parser/command/attach_file_command.rb
+- lib/audit/lib/parser/command/abstract_command_result.rb
 - lib/audit/lib/parser/command/program_name_command.rb
-- lib/audit/lib/parser/parse_exception.rb
-- lib/audit/lib/parser/result_type.rb
-- lib/audit/lib/parser/script_output_parser.rb
-- lib/audit/lib/parser/stdout_line_buffer.rb
+- lib/audit/lib/parser/command/abstract_command.rb
 - lib/audit/lib/ssh_fingerprint.rb
-- lib/audit/lib/ssh_fingerprint2.rb
-- lib/audit/lib/ssh_utils.rb
-- lib/audit/lib/transformers/web_view_transformer.rb
-- lib/audit/lib/transformers/yaml_transformer.rb
-- lib/audit/lib/util/random_string.rb
+- lib/audit/lib/ec2_utils.rb
+- lib/audit/lib/lazy.rb
+- lib/audit/lib/connection/ami_connection.rb
+- lib/audit/lib/connection/ssh_connection.rb
+- lib/audit/lib/connection/connection_factory.rb
 - lib/audit/lib/version.rb
-- lib/cloudyscripts.rb
-- lib/help/dm_crypt_helper.rb
-- lib/help/ec2_helper.rb
-- lib/help/progress_message_listener.rb
-- lib/help/remote_command_handler.rb
-- lib/help/script_execution_state.rb
-- lib/help/state_change_listener.rb
-- lib/help/state_transition_helper.rb
+- lib/audit/create_benchmark.sh
+- lib/audit/benchmark_full.zip
+- lib/audit/benchmark_ssh.zip
+- lib/scripts/ec2/port_range_detector.rb
+- lib/scripts/ec2/dm_encrypt.rb
 - lib/scripts/ec2/ami2_ebs_conversion.rb
+- lib/scripts/ec2/audit_via_ssh.rb
+- lib/scripts/ec2/open_port_checker.rb
 - lib/scripts/ec2/copy_ami.rb
 - lib/scripts/ec2/copy_snapshot.rb
-- lib/scripts/ec2/dm_encrypt.rb
-- lib/scripts/ec2/download_snapshot.rb
 - lib/scripts/ec2/ec2_script.rb
-- lib/scripts/ec2/open_port_checker.rb
-- lib/scripts/ec2/port_range_detector.rb
+- lib/scripts/ec2/download_snapshot.rb
+- lib/help/ec2_helper.rb
+- lib/help/dm_crypt_helper.rb
+- lib/help/state_transition_helper.rb
+- lib/help/script_execution_state.rb
+- lib/help/progress_message_listener.rb
+- lib/help/remote_command_handler.rb
+- lib/help/state_change_listener.rb
+- lib/cloudyscripts.rb
 has_rdoc: true
 homepage: http://elastic-security.com
 licenses: []
@@ -261,23 +276,27 @@ rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      hash: 3
       segments:
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      hash: 3
       segments:
       - 0
       version: "0"
 requirements: []
 rubyforge_project: cloudyscripts
-rubygems_version: 1.3.6
+rubygems_version: 1.3.7
 signing_key:
 specification_version: 3
 summary: Scripts to facilitate programming for infrastructure clouds.